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DETAILED ACTION 

1 . This Office action is in response to the Applicant's Amendment filed 03/27/2008. 
Claims 1 , 5, 1 1 , 26, 28-31 , and 33-34 are amended. 
Claims 2, 7-10, 12-25, 27 and 32 are canceled. 
Claims 1 , 3-6, 1 1 , 26, 28-31 , and 33-35 are presented for examination. 

Response to Arguments 

1 . Applicant's arguments filed 03/27/2008 have been fully considered but they are 
not persuasive. The amended limitations are addressed in the following rejections. 

Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

2. Claims 1, 3-6, 11, 26, 28-35 are rejected under 35 U.S.C. 112, first paragraph, as 
failing to comply with the written description requirement. The claim(s) contains subject 
matter which was not described in the specification in such a way as to reasonably 
convey to one skilled in the relevant art that the inventor(s), at the time the application 
was filed, had possession of the claimed invention. After carefully reviewing paragraphs 
13 and 17 in the specification of the present application as suggested by Applicant's 
Representative, Examiner states that there is no support for the amended limitation "the 
authorization certificate including revoker certificate associated with the revoker" in the 
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independent Claims 1,11, and 26. Applicant's Representative is required to clarify this 
issue in the next response. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 1, 3-6, 11, 26, 28-35 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 

Claims 1,11, and 26 recite the limitation "sending the authorization certificate to 
the first party" in line 1 0. It is unclear that the first party or revoking party is receiving the 
authorization certificate. According to the paragraph 17 in the specification is disclosed 
such as "In another embodiment, each revoking entity may receive an authorization 
certificate from the RDS or from another authority that authorizes that entity as a 
revoker for Alice's certificate." 

Claim Objections 

4. Claims 1,11, and 26 are objected to because of the following informalities: "the 
digital certificate" in lines 12, 16-17 should be —the digital certificate of the second 
party—-. Appropriate correction is required. 
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Claims 3 and 6 are objected to because of the following informalities: The 
method of claim 2 in line 1 should be-- The method of claim 1—. Appropriate correction 
is required. 

Claim 4 is objected to because of the following informalities: "the second party's 
certificate" in line 3 should be — certificate of the second party. Appropriate correction 
is required. 

Claim 5 is objected to because of the following informalities: "the digital 
certificate" in line 3 should be — the digital certificate of the second party—. 
Appropriate correction is required. 

Claim 34 is objected to because of the following informalities: "The system of 
claim 32" in line 1 should be —The system of claim 11—. Appropriate correction is 
required. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1 , 3-6, 1 1 , 26, 28-31 , and 33-35 are rejected under 35 U.S.C. 1 03(a) as 
being unpatentable over Cook et al. (U.S. Patent 6,922,776) hereinafter Cook in view of 
Kaliski Jr., (U.S. Patent 6,085,320) hereinafter Kaliski, and further in view of Geer, Jr. et 
al, (U.S. Patent 6,212,634 B1) hereinafter Geer. 
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With the respect to claims 1 and 26, Cook discloses registering a first party and a 
second party with a database at a server (see col. 10, lines 10-30; selection of contracts 
associated with users are stored in a database on the certificate server), wherein the 
first party is register as a party relying on a digital certificate of the second party (Figure 
2, col. 9, lines 5-15); Bob 30 submits the contract to the certificate server 100, step 
256); 

receiving a request to revoke the second party's certificate after registering the 
first party (see col. 7, lines 13-22; col. 7, lines 40-48; revocation of the electronic 
certificate). 

Cook does not disclose "authenticating the request in accordance with a pre- 
defined policy associated with the digital certificate of the second party." 

However, Kaliski discloses authenticating the request in accordance with a pre- 
defined policy associated with the digital certificate of the second party (see col. 2, lines 
22-35; col. 4, lines 5-9; col. 5, lines 30-31). 

Therefore, it would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains to have 
modified Cook reference to include the teachings of Kaliski to have included the step of 
authenticating the request in accordance with a pre-defined policy for the integrity of the 
communication between the parties and also "for protection against the certification 
authority or unauthorized servers, respectively" (see Kaliski Jr. col. 2, lines 39-41). 

Cook and Kaliski disclose the limitations of Claims 1 and 26 above. Cook and 
Kaliski do not disclose generating an authorization certificate by a revoker of digital 
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certificates; sending the authorization certificate to the first party, the authorization 
certificate including a revoker certificate associated with the revoker. 

However, Geer expressly discloses generating an authorization certificate by a 
revoker of digital certificates (Abstract and Figure 2A, step 27); sending the 
authorization certificate to the first party (Abstract and Figure 2A, step 33), the 
authorization certificate including a revoker certificate associated with the revoker (col. 
3, lines 55- col. 4, line 30). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to have incorporated Geer's invention within Cook and 
Kaliski to include generating an authorization certificate by a revoker of digital 
certificates; sending the authorization certificate to the first party. One of ordinary skill in 
the art would have been motivated to do this because it would use the authorization 
certificate as evidence that the authorized computer is authorized by the owner (col. 1, 
lines 42-45). 

Cook, Kaliski, and Geer disclose the limitations of Claims 1 and 26 above. Cook, 
Kaliski, and Geer further disclose revoking the digital certificate (see Cook, col. 6, lines 
47-54; col. 7, lines 13-20; replacement of the entire electronic certificate with a new 
electronic certificate) in accordance to a revocation policy (Cook, col. 6, lines 50-55; the 
change in the condition of the electronic certificate may be due to something internal in 
the electronic certificate 154 itself, such as an expiration date causing the electronic 
certificate 1 54 to expire); and 
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initiating communication with the first party to indicate that the digital certificate 
has been revoked (see Cook, col. 6, lines 55-62; certificate server second module is for 
notifying a user of the electronic certificate condition when its revoked), wherein the 
communication includes notifying the first party that the digital certificate has been 
revoked (Cook, col. 9, lines 34-36, Once the change is detected, the module 208 
notifies Bob 30 of the change, step 264), wherein the notification is further sent to other 
parties registering with the database as relying on the second party's certificate (Cook, 
col. 6, lines 59-65; The certificate user 30 may also comprise one or more of a plurality 
of users in a company who are notified when any electronic certificate 154 in the 
company's domain is revoked or changed.) 

With the respect to claim 1 1 , Cook discloses a system comprising: a server 
having an integrated circuit coupled with a storage medium via a bus (see Figure 1, 
element 100, col. 6, lines 35-38), the server further having a registration database (see 
col. 10, lines 10-30; selection of contracts associated with users are stored in a 
database on the certificate server) to register a first party as a relying party for a digital 
certificate of the second party (Figure 2, col. 9, lines 5-15); (Bob 30 submits the contract 
to the certificate server 100, step 256); 

receiving a request to revoke the second party's certificate after registering the 
first party (see col. 7, lines 13-22; col. 7, lines 40-48; revocation of the electronic 
certificate). 
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Cook does not disclose "authenticating the request in accordance with a pre- 
defined policy associated with the digital certificate of the second party." 

However, Kaliski discloses authenticating the request in accordance with a pre- 
defined policy associated with the digital certificate of the second party (see col. 2, lines 
22-35; col. 4, lines 5-9; col. 5, lines 30-31). 

Therefore, it would have been obvious at the time the invention was made to a 
person having ordinary skill in the art to which said subject matter pertains to have 
modified Cook reference to include the teachings of Kaliski to have included the step of 
authenticating the request in accordance with a pre-defined policy for the integrity of the 
communication between the parties and also "for protection against the certification 
authority or unauthorized servers, respectively" (see Kaliski Jr. col. 2, lines 39-41). 

Cook and Kaliski disclose the limitations of Claims 1 and 26 above. Cook and 
Kaliski do not disclose generating an authorization certificate by a revoker of digital 
certificates; sending the authorization certificate to the first party, the authorization 
certificate including a revoker certificate associated with the revoker. 

However, Geer expressly discloses generating an authorization certificate by a 
revoker of digital certificates (Abstract and Figure 2A, step 27); sending the 
authorization certificate to the first party (Abstract and Figure 2A, step 33), the 
authorization certificate including a revoker certificate associated with the revoker (col. 
3, lines 55- col. 4, line 30). 

Accordingly, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to have incorporated Geer's invention within Cook and 
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Kaliski to include generating an authorization certificate by a revoker of digital 
certificates; sending the authorization certificate to the first party. One of ordinary skill in 
the art would have been motivated to do this because it would use the authorization 
certificate as evidence that the authorized computer is authorized by the owner (col. 1, 
lines 42-45). 

Cook, Kaliski, and Geer disclose the limitations of Claims 1 and 26 above. Cook, 
Kaliski, and Geer further disclose revoking the digital certificate (see Cook, col. 6, lines 
47-54; col. 7, lines 13-20; replacement of the entire electronic certificate with a new 
electronic certificate) in accordance to a revocation policy (Cook, col. 6, lines 50-55; the 
change in the condition of the electronic certificate may be due to something internal in 
the electronic certificate 154 itself, such as an expiration date causing the electronic 
certificate 154 to expire); and 

initiating communication with the first party to indicate that the digital certificate 
has been revoked (see Cook, col. 6, lines 55-62; certificate server second module is for 
notifying a user of the electronic certificate condition when its revoked), wherein the 
communication includes notifying the first party that the digital certificate has been 
revoked (Cook, col. 9, lines 34-36, Once the change is detected, the module 208 
notifies Bob 30 of the change, step 264), wherein the notification is further sent to other 
parties registering with the database as relying on the second party's certificate (Cook, 
col. 6, lines 59-65; The certificate user 30 may also comprise one or more of a plurality 
of users in a company who are notified when any electronic certificate 154 in the 
company's domain is revoked or changed.) 
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With the respect to claims 3, 27, and 32, Cook, Kaliski, and Geer disclose the 
limitations of Claims 1 and 11 above. Cook, Kaliski, and Geer further disclose wherein 
initiating communication with the first party (see col. 6, lines 55-57; certificate server 
second module is for notifying a user) further comprises sending a revocation message 
to a machine (see col. 6, lines 44-47 "workstation, pc, fax machine, etc") that is 
associated with the first party (see col. 7, lines 1-8; col. 7, lines 40-48; notify by 
electronic mail the certificate user the certificate change of condition like revocation). 

With the respect to claims 4 and 29, Cook, Kaliski, and Geer disclose the 
limitations of Claims 1 and 11 above. Cook, Kaliski, and Geer further disclose verifying 
authenticity of the revocation message (see Cook col. 7, lines 1-8; col. 7, lines 40-48; 
col. 8 line 60-col.9 line 5; "executing various authentication procedures and modifying 
access control information to indicate the revocation of the second party's certificate 
(see Cook col. 8, lines 1-5; "updating the electronic certificate with respect to the 
certificate user to the new version of the electronic certificate"). 

With the respect to claims 5, 30, and 34, Cook, Kaliski, and Geer disclose the 
limitations of Claims 1 and 11 above. Cook, Kaliski, and Geer further disclose wherein 
accepting the request to revoke the second party's certificate comprises accepting the 
request by authenticating a signature (see Cook, col. 8, lines 60-64; "The certificate 
server may sign, or authenticate Alice's electronic certificate") incorporated in the 
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request with one of a list of revoker certificates associated with the second party's 
certificate (see Cook, col. 7, lines 30-34; a certificate revocation list-CRL). 

With the respect to claims 6, 31, and 35, Cook, Kaliski, and Geer disclose the 
limitations of Claims 1 and 11 above. Cook, Kaliski, and Geer further disclose wherein 
the server initiating communication with a first party (see Cook col. 6, lines 55-57; 
certificate server second module is for notifying a user) further comprises the server 
sending an email message to an email address for the first party (see Cook col. 7, lines 
1-8; "electronic mail"). 

Conclusion 

6. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Baotran N. To whose telephone number is (571)272- 
8156. The examiner can normally be reached on Monday-Friday from 8:00 to 4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Y. Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

IB. N. T.I 

Examiner, Art Unit 2135 
/KimYen Vu/ 

Supervisory Patent Examiner, Art Unit 2135 



